Lingdang CRM 代码问题漏洞

Lingdang CRM Lingdang CRM is a customer relationship management system from the Chinese company Lingdang Lingdang. A code issue vulnerability exists in Lingdang CRM version 8.6.4.3 and prior versions, which stems from the parameter file in file/crm/wechatSession/index.php?msgid=1&operation=upload...

Radar 代码问题漏洞

Radar wind control engine is a lightweight real-time wind control engine by feihu.wang individual developers. A code issue vulnerability exists in Radar 1.0.8 and earlier versions, which stems from the parameter file in the file /services/v1/common/upload. which can lead to unlimited uploads...

07FLY CRM 安全漏洞

07FLY CRM is an OA office system of China Zero Takeoff 07FLY. A security vulnerability exists in 07FLY CRM version 1.3.8, which originates from the parameter file in the file /admin/SysModule/upload/ajaxmodel/upload/uploadfilepath/sysmodule1 that can lead to unrestricted uploads...

kvf-admin 代码问题漏洞

kvf-admin is a set of rapid development framework, scaffolding, backend management system, permission system for kalvinGit individual developers. A code issue vulnerability exists in kvf-admin, which stems from the parameter file in the file FileUploadKit.java that results in unrestricted uploads...

Composio 路径遍历漏洞

Composio is a production-ready toolset for AI agents open-sourced by Composio. A path traversal vulnerability exists in Composio version 0.5.8 and prior versions, which stems from the fact that incorrect manipulation of the parameter file can lead to path traversal. No details of the vulnerabilit...

Wanglong LTcms 代码问题漏洞

Wanglong LTcms is an enterprise website builder from China's Wanglong company. A code issue vulnerability exists in Wanglong LTcms version 1.0.20, which stems from an incorrect operation of the parameter file that can lead to server-side request forgery...

Wanglong LTcms 代码问题漏洞

Wanglong LTcms is an enterprise website builder from China's Wanglong company. A code issue vulnerability exists in Wanglong LTcms version 1.0.20, which stems from an incorrect operation of the parameter file that can lead to server-side request forgery...

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to buffer overflow in dynamic memory, allowing an attacker to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created PAR file...

The vulnerability of Siemens Solid Edge, a design and modeling tool, relates to buffer overflow in the stack. This allows an attacker to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created PAR file...

D-Link DAR-7000 代码问题漏洞

D-Link DAR-7000 is an Internet Behavior Audit Gateway from China Youxun D-Link. A code issue vulnerability exists in the D-Link DAR-7000-40 V31R02B1413C version, which stems from the fact that incorrect operation of the parameter file can lead to unrestricted uploads...

D-Link DAR-7000 安全漏洞

D-Link DAR-7000 is an Internet behavior auditing gateway from China Youxun D-Link. A security vulnerability exists in the D-Link DAR-7000-40 V31R02B1413C version, which stems from an incorrect operation of the parameter file can lead to unrestricted uploads...

D-Link DAR-7000 代码问题漏洞

The D-Link DAR-7000 is an Internet Behavior Audit Gateway from China AUO D-Link. A code issue vulnerability exists in the D-Link DAR-7000-40 V31R02B1413C version, which stems from an incorrect operation of the parameter fileupload that can result in an unrestricted upload...

PT-2024-4452 · Siemens · Siemens Solid Edge

Name of the Vulnerable Software and Affected Versions: Siemens Solid Edge versions prior to V224.0 Update 5 Description: The issue is related to an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in...

Owl Admin 跨站脚本漏洞

OwlAdmin Owl Admin is a fast and flexible backend framework from OwlAdmin, Inc. A cross-site scripting vulnerability exists in slowlyo OwlAdmin version 3.5.7 and earlier versions, which stems from the fact that incorrect manipulation of the parameter file can lead to cross-site scripting...

YouDianCMS 代码问题漏洞

YouDianCMS is a website CMS. YouDianCMS 9.5.12 and earlier versions have a code issue vulnerability that stems from a file upload vulnerability in the parameter file of the file AppLibActionAdminChannelAction.class.php...

EasyAdmin 安全漏洞

Easyadmin is a simple, lightweight backend management system scaffolding by laker individual developers. A security vulnerability exists in EasyAdmin version 20240315 and earlier versions, which stems from path traversal due to incorrect manipulation of the parameter file...

PandaX Code Issues Vulnerabilities

PandaX is a Go language open source low-code development framework for enterprise IoT platforms from PandaX Open Source. A code issue vulnerability exists in PandaX version 20240310 and prior versions, which stems from an incorrect manipulation of the parameter file can lead to unrestricted file...

Gacjie Server Code Issue Vulnerability

Gacjie Server is a platform for monitoring cloud services. A code issue vulnerability exists in Gacjie Server version 1.0 and earlier, which stems from the parameter file in file /app/admin/controller/Upload.php that can lead to unrestricted uploads...

The vulnerability of Parasolid’s 3D geometric modeling tool lies in its ability to read data beyond the designated structure when analyzing specially created PAR files. This allows a malicious actor to execute arbitrary code within the context of the current process.

The vulnerability of Parasolid’s 3D geometric modeling tool lies in the ability to read data beyond the designated structure when analyzing specially created PAR files. Exploiting this vulnerability can allow an attacker to execute arbitrary code within the context of the current process...

OpenRapid RapidCMS 代码问题漏洞

OpenRapid RapidCMS is OpenRapid open source a fast and easy to use CMS system. A code issue vulnerability exists in OpenRapid RapidCMS 1.3.1 and earlier versions, which stems from an arbitrary file upload vulnerability in the parameter file...